Search Results (351250 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2001-1563 2 Apache, Hp 2 Tomcat, Secure Os 2026-04-16 N/A
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
CVE-2002-0234 1 Juniper 1 Netscreen Screenos 2026-04-16 N/A
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections.
CVE-2003-1140 1 Musicqueue 1 Musicqueue 2026-04-16 N/A
Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.
CVE-2003-1251 1 Nx 1 N X Web Content Management System 2002 2026-04-16 N/A
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code.
CVE-2003-1141 1 Network Instruments 1 Niprint Lpd-lpr Print Server 2026-04-16 N/A
Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.
CVE-2001-0733 1 Ralf S. Engelschall 1 Eperl 2026-04-16 N/A
The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code.
CVE-2001-1528 1 Amtote 1 Homebet 2026-04-16 N/A
AmTote International homebet program returns different error messages when invalid account numbers and PIN codes are provided, which allows remote attackers to determine the existence of valid account numbers via a brute force attack.
CVE-2003-1136 1 Chi Kien Uong 1 Chi Kien Uong Guestbook 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL.
CVE-2001-1058 1 Wolfram Research 1 Mathematica 2026-04-16 N/A
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license.
CVE-2001-0632 1 Sun 1 Chilisoft 2026-04-16 N/A
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
CVE-2001-1524 1 Francisco Burzi 1 Php-nuke 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php.
CVE-2003-1117 1 Realnetworks 2 Realsystem Proxy, Realsystem Server 2026-04-16 N/A
Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0207 1 Realnetworks 2 Realone Player, Realplayer Intranet 2026-04-16 N/A
Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.
CVE-2002-0198 1 Paul L Daniels 2 Inflex, Ripmime 2026-04-16 N/A
Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename.
CVE-2005-3633 1 Sap 1 Sap Web Application Server 2026-04-16 N/A
HTTP response splitting vulnerability in frameset.htm in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to inject arbitrary HTML headers via the sap-exiturl parameter.
CVE-2001-0410 1 Trend Micro 1 Virus Buster 2001 2026-04-16 N/A
Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header.
CVE-2005-3247 2 Ethereal Group, Redhat 2 Ethereal, Enterprise Linux 2026-04-16 N/A
The SigComp UDVM in Ethereal 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
CVE-2005-3281 1 Nukefixes 1 Nukefixes 2026-04-16 N/A
Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 allows remote attackers to include arbitrary files via the file parameter.
CVE-2001-0416 4 Debian, Immunix, Mandrakesoft and 1 more 4 Sgml-tools, Immunix, Mandrake Linux and 1 more 2026-04-16 N/A
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
CVE-2003-1276 1 Nettelephone 1 Nettelephone 2026-04-16 N/A
Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts.